On Sun, Jan 02, 2011 at 10:23:42PM -0500, [email protected] wrote:
>Good evening. I am trying to confirm the ownership of the /etc/fstab file. If
>the owner is root then set the "confirmed" class. Am I completely off base
>with this example?
Maybe not completely off base, but perhaps skirting the edges...
># ls -l /etc/fstab
>-rw-r--r-- 1 root root 844 May 8 2010 /etc/fstab
>
>
>########
>body common control
>{
>bundlesequence => { "test" };
>inputs => { "cfengine_stdlib.cf" };
>}
>
>bundle agent test
>{
>vars:
>"myuser" string => "root";
>
>files:
>"/etc/fstab"
>file_select => example($(myuser)),
>classes => if_ok("confirmed");
>
>confirmed::
>"/tmp/ItsAMatch"
>comment => "Ownership was confirmed",
>create => "true";
>
>}
>
>body file_select example(user)
>{
>search_owners => { $(user) };
>file_result => "owner";
>}
You haven't actually instructed cfengine to actually *do* anything.
Since there's no promise to keep, no class needs to be set. I also
believe that the file_select routines are run before other operations,
so even if the file exists, but has the wrong permissions, it will be
excluded from further processing because it doesn't match the filter.
Instead, try this:
bundle agent stub {
files:
"/tmp/test"
perms => owner('root'),
classes => if_ok('confirmed');
reports:
!confirmed::
"FAILED Confirmed owner on /tmp/test";
confirmed::
"Confirmed owner on /tmp/test";
}
This does, of course, have the side-effect of setting the owner, which
may not be desired...
--
Jesse Becker
NHGRI Linux support (Digicon Contractor)
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
